Since the beginning of the Coronavirus outbreak, phishing attacks related to COVID-19 have emerged. Now it is time for a team from Google specializing in cybersecurity to ensure that it has identified more than a dozen government-backed attackers, that is, high-level attackers, who have used pandemic-related themes for phishing and malware attempts. Portugal is not included in the countries that were affected.
In its report on the results of Internet trends in the midst of a pandemic, the Threat Analysis Group (TAG) highlights in particular a "remarkable campaign", but which did not have the intended objective. The attempt went through directing personal accounts of United States government officials through American fast food chains, as well as through messages about COVID-19. Some of them offered free meals in response to the pandemic.
Other messages suggested that recipients visit platforms, disguised as online delivery and ordering sites. As soon as people clicked on the email option, phishing pages were designed to trick them into supplying their Google account credentials.
The technology giant guarantees that most of these messages were sent to spam, without any user actually accessing them. The company also ensures that it was able to preventively block the domains through secure browsing. Thus, Google explains that it is not aware of users who have had their account compromised through this campaign.
Google also detected hackers who tried to trick people into downloading malware by posing as health organizations.
Health organizations are becoming common targets
The Google team has also spotted a new trend, with health organizations being the target. The experts corroborate the news that reported the attack by the World Health Organization and explain that health organizations, public health agencies and employees are becoming new ways to exploit the attacks.
Against this background, Google is adding new security features to more than 50,000 accounts considered "high risk". The company clarifies, however, that it is not seeing a general increase in this type of phishing attacks, being just a "change of tactic". The technological giant even speaks of a drop in these numbers in March, when compared to January and February, because even the hackers themselves may be facing problems.
While it is not uncommon to see some variations in these numbers, hackers may, like many other organizations, be dealing with delays and problems due to global blockages and the impact of quarantine. To identify and prevent threats, Google uses a strategy that is based on a combination of internal research tools and the dissemination of information with industry partners and researchers. In addition, it has clues and information from specialists in other areas.
In order to support this broader community of cybersecurity researchers, Google is making more than $ 200,000 in grants available as part of a Vulnerability Research Grant fund. That value will be among the experts on that Google team, who help identify various vulnerabilities.